Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Elkomy
New Contributor II

Created on ‎12-04-2024 08:28 AM

Fortigate access issue

Hello

Anyone available for urgent support 

I have fortigate 81e I have config admin login to fortigate using two factor authentication and now when I login to fortigate I don't receive otp I tried to access it over console it also ask for otp that I didn't receive I need urgent support please 

Labels:
565
0 Kudos
15 REPLIES 15
dingjerry_FTNT
Staff
Staff
In response to Elkomy

Created on ‎12-04-2024 08:51 AM

Hi @Elkomy ,

 

So is this FGT managed by FMG?  I guess no.

 

Can we schedule a maintenance window?

 

What is the firmware version for your FGT?  If it is before 7.2.4, you may try the "maintainer" method to reset the admin password:

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Resetting-a-lost-admin-password/ta-p/19704...

Regards,

Jerry
190
Elkomy
New Contributor II
In response to dingjerry_FTNT

Created on ‎12-04-2024 08:53 AM

The. Version is 7.2.9

187
0 Kudos
dingjerry_FTNT
Staff
Staff
In response to Elkomy

Created on ‎12-04-2024 09:03 AM

So question:

 

Did it work before? Or it never worked?

 

If so, I can't believe your customer would make such a change for all admin accounts without testing it to make sure it is working.

 

If it worked in the past, it might be a mail server issue.

Regards,

Jerry
181
Elkomy
New Contributor II
In response to dingjerry_FTNT

Created on ‎12-04-2024 09:07 AM

The customer is recently configured it once he loved out and try to login again he didn't receive otp

179
0 Kudos
dingjerry_FTNT
Staff
Staff

Created on ‎12-04-2024 07:42 PM Edited on ‎12-04-2024 07:46 PM

Hi @Elkomy ,

 

I have figured out one workaround and tested it in my lab:

 

1) Set up one FMG (7.2.8 GA or 7.4.5 GA, both will support FortiOS 7.2.9);

2) If you are using FMG 7.4.5 GA, make sure to enable ADOM mode and create one ADOM for FortiGate type with 7.2;

3) In Device Manager view, click "Add Device" to add this FGT with one admin account with Super_admin profile (I hope your client did not delete the default admin account).  FMG will NOT ask for the token for two-factor authentication.

4) Once Import is done, either edit one existing admin account to disable the two factor authentication or create a new admin account with no two factor authentication with Super_Admin.

 

dingjerry_FTNT_0-1733370366998.png

 

 

In my lab test, I created "test" admin account.

5) Push the changes back to the FGT.

 

You will regain the access to the FortiGate.

 

Regards,

Jerry
149
Elkomy
New Contributor II
In response to dingjerry_FTNT

Created on ‎12-05-2024 01:43 AM

does this solution require FMG-access on fortigate interface to be enabled or not?

129
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.